Simple vB User login and access control on non vB pages
 

Hack Description

This is a cut down version of the user authentication and access control system I use on the non vB pages on my website.

This uses the vB 4.0 login system to log you in and out. It allows you to move between your forums and other pages on your site while remaining logged in.

It allows you to do things such as restrict pages by usergroup, display different content depending on a user being logged in or not.
For example, you can have banner Adds displaying to non members only, and/or let members access to specific content.

I've cut it down to the bare minimum that it needs to work, no fancy stuff such as avatars, PM's, or even formating. (That is in the Deluxe version - not yet released)

This is not supported, but if any questions / issues are posted here (not PM'ed or emailed) I will try and answer them if I have time.

This code is a mix of my own, and pieces I have used from other hacks that are floating around.

This script has been confirmed as working on

• vB 4.0 beta3

Change log

Version 4.00 (15th November 2009)

• Initial vB 4.0.x release

Click on Install
If you have this script installed then please click on the install link because;

• You will get notified if any security issues are reported.
• You will get notified when there are any upgrades to this script
• It gives me a warm fuzzy feeling and motivates me to develop more :)

Note - The following troubleshooting tips work on vB 3.7 & 3.8, they have not yet been proven on vB 4.0

Usage

The hack is pretty useless without some usage instructions so here they are.

We can use conditionals to hide or display depending on a number of things such as
Logged in or out status,
or restrict to members of a specific usergroup.

We do this by using conditionals in php tags where the normal content of a webpage would go.


If you want something only accessable to a certain usergroup, use this code in your webpage. This example is only visible to members of usergroup 6.
You can use a simple variation of this to restrict entire pages to a certain usergroup.
For example,
You can of course use multiple usergroups by just modifiying the if statement a little.
For example:

Another use is to display different content to users depending on if they are logged in or not. For example
Another use is to restrict advertising to people who are not logged in.
For example
Of course you can play around with conditionals to do a whole range of things, these are just brief example snippets.



Troubleshooting

If your reading this chances are you are having problems.

Here are some common causes and fixes.

1. Headers already sent or cookies already sent errors. Chances are that there is something, even just a space before the 4 lines of code in part 1. Edit this and ensure that there are no spaces before it.
   
   
   
2. Path problems are the next biggest problem. Your paths must be exact else it will not work. Double check that all paths are correct.
   If you are unsure what the path is place the following code in a page all by itself.
   
   PHP Code:

   ---

   <?php 
echo getcwd(); 
?>

   ---

   Name this file something like path.php then upload it to your website, browse to it and it will show you the exact path to your sites root.
   
   
   
3. Appears to login ok, but wont show you as logged in
   Often caused by the vB cookie path setting.
   To fix log into you vB admin area;
   
   Code:

   ---

   AdminCP -> vBulletin Options -> Cookies and HTTP Header Options -> Path to Save Cookies

Change

'Suggested Settings' dropdown from '/forums/' to '/' or 'yourdomain.com'

   ---

   
   
4. Subdomains and cross site logins
   This is a known issue with many scripts (not just this one), sometimes fixable sometimes not. Its caused by vB, PHP and your hosts security measures.
   
   First change your "cookie domain" settings.
   vB Admin > Control Panel > Cookies and HTTP Header Options > Cookie Domain
   Change it from being blank to
   
   PHP Code:

   ---

   .yourdomain.com 


   ---

   You may need to set a post referrer in your whitelist.
   vB Admin > Control Panel > General Settings > Post Referrer Whitelist
   Instructions on what to enter are listed where you change this setting.
   
   That should fix it if your forum is a subdomain.
   
   If that fails then,
   Open your /forum/login.php file and look for this code:
   
   PHP Code:

   ---

   error_reporting(E_ALL & ~E_NOTICE); 


   ---

   Below that add
   
   PHP Code:

   ---

   define('SKIP_REFERRER_CHECK', true); 


   ---

   Now save this and overwrite the file on the server with this one.
   
   A further reported work around is to make a copy of the required Forum Forum files on your second Server. Then you must set in the config.php on the second server to use the ip of the server with which the VB-Database is running.
   
   
   
5. 404 Error on expiring passwords
   Cause - When redirected for expired password you are redirected to the directory that your login script is located in, not your forums root.
   
   Fix - Edit phrase called
   Code:

   ---

   passwordexpired

   ---

   Your current phrase should be
   
   Code:

   ---

   Your password is {1} days old, and has therefore expired.<br />
<br />
Please change your password using <a href="profile.php?{2}do=editpassword">this page</a>.

   ---

   change it to
   
   
   Code:

   ---

   Your password is {1} days old, and has therefore expired.<br />
<br />
Please change your password using <a href="../forums/profile.php?{2}do=editpassword">this page</a>.

   ---

   where ../forums/ is your forums directory.
   
   
   
6. Still got problems?
   It may be a conflict with somthing already in your site.
   To check this we can just make a simple page.
   Call it test.php and use just this code in it.
   (Make sure there is no whitespace before the 1st line)
   
   PHP Code:

   ---

   <?php
$curdir = getcwd ();
chdir('/path/to/your/forums');
require_once('/path/to/your/forums/global.php');
chdir ($curdir);
?>
<html> 
<body> 
This is a heading<br /> 
This is some more stuff <br /> 
And another line<br /> 
You get the idea<br /> 
Just place stuff as you normally would with HTML<br /> 
I use CSS to style and position on my site fwiw<br /> 
<br /> 
How about we put the login box right under here?<br /> 
<br /> 
<?php 
    require_once('/path/to/your/login_inc.php'); 
?> 
</body> 
</html>

   ---

   Naturally, change paths to fit your forums, then upload it.
   Browse to it and run it.

thaanks
reserved

Reserved till i get my site up. I have been waiting for this. Glad it wasnt long! :)

Is this correct or a typo -
Do you mean login_inc.php?

Where do we put the login_inc file included with this hack? Any special directory, or whichever directory we are running the script?

Thanks. :)

*Edit -

Also, do these statements work with the new VB code?

The first is a typo, login_inc.php is what it is named (unless you change it)

And the statements do work.

However I do have an issue. I can't use the statements twice. Not sure what is going on but if I used the statement once, it doesn't work to use it again.

Whoopsie :o
Sorry about that, its just a typo.
login_inc.php is correct.
I will fix it.

Just put it wherever you want, as long as you change the path to suit it should be fine.
I normally just put it under something like mywebside.com/includes/

Your example code:In case a site has 14 or 51 usergroups they want to control, I think it might be an idea to use the array and check against it?

untested:

If you want to allow a number of groups that would probably be a better way of doing it.
Ive only ever used it to allow extra stuff for Admins and Mods so I never really had a need to optimise it for a large number of groups.

Im getting this error -

My file paths are correct and there is no white space. Any idea's?

i ll try it

thanxxx
________
Lamborghini Jalpa

Hiya Bill,

Do you think this could work as a wrapper in WordPress, where we use your authentication system to require people to authenticate against vB before they're allowed to post comments?

I can easily extend WordPress' comment section and would like to do something like (pseudo code obviously):
Would it display the forum's username (if echoed correctly) or do we need the deluxe version for that? (which sounds like a better solution anyway, since I'd like to use the avatars as well). I don't care so much about all the other vB stuff, but would love to have this as a simple vB powered authentication system inside WordPress.

Works on a standalone file, but won't work properly on my wordpress site.

The login boxes and what not appear, but after I am directed to the login.php file I am sent back to my wordpress page with the login boxes still showing.

I tried all the steps with the cookie settings and login.php file.

Moviecrematorium.com is my site. Any help would be appreciated.


Great plugin btw ;)

Any help with this?

I too have the same issue as you =[

My Fix:

well, I'm using this in the root of the site for a custom html page. I feel like a dumbass because i looked at the source and it had "<html>" twice. So my "custom.php" file that I made all I included in it was:

That seemed to work for me and fixed my issue. Hope this helps someone else.

You should make yur file XHTML compliant, it causes over 100 errors when trying to validate at W3C Schools

Im interested in incorporating this on WP as well, comments would be handy but not totally needed, but what I am looking to do is use the wordpress usergroup permission settings to restrict access to certain articles, has anyone tried this yet?

thanks!

MOGmartin

From the included instructions file:
If you get a message saying headers already sent or cookies already sent, chances are that there is something, even just a space before the 4 lines of code in part 1. Edit this and ensure that there are no spaces before it.

This is pretty damn useful. Tagged for later.
I'm guessing once the Deluxe version comes out we gotta pay? :P
It'd be nice if it had option to show newest threads, users postcount, etc.

No it will be free, because otherwise that would mean that I whould have to provide an acceptable level of support, and currently I dont have time to do that.

If we hook this mod up can we extend it with features from deluxe (once it comes) without having to undo everything we installed from this mod?

Hello everyone,

I have a little problem on my main page of my site and that with this change that you put up here and I want to have on my page.

Your code is only nickel but as I joined my current page that has a system of multi-language ca va plus.

Thank you for your help.

common.php
index.php

Hello,

I managed to set up your mod and now I telnet to see the game appear to say whether it has the message and what we are and what login into your mod.

Thank you in advance for your valuable help

Do our webpages need to be named *.php? Virtually all of my non-vB pages are currently *.shtml as they pull dynamic data from another program. Will this mod work for me?

It not works on 4.0.1 :(

Only works with php pages as it is.


Well it does on my test site.
Unless you post some error messages its hard to guess whats happened.

I thought i'd throw out there that i'm getting the old "no such file or directory" error for
which does exist... I've also tried with full url
EDIT: nevermind got it fixed, i'm such a dumbass :P

You could add this code in the login_inc.php to have it show avatars:

How do I use it for a site on a different domain (and server) than my vB installation?

Hey,

Having an issue with this mod, normally I can fix them myself being a developer. Cant seem to figure this one out tho!

I'm getting this error: Undefined variable: specialtemplates on line 20 of global.php.

The forum works fine stand-alone, it's just when I include this into my own system. I've already done all the normal error checking and directory checking, it's all fine.

Anyone recommend something I've missed?

Quick question, when a user is not logged in, I get the default vbulletin forum login page instead of w/e php echo i set. How can i fix this?

I'm trying to get this working on www.mynintendo.de. It works if I put it on a testpage, outside of wordpress. However, whenever I try to use it within wordpress it's not working. The Login process works, but it's not showing me as logged in.

I think it's related to the header code, I got this in header.php in wordpress:
All paths are correct. Does anyone have an idea why this is not working with wordpress? Did anyone have success with wordpress so far?

Thanks a lot.

thanks very much.... i needed it badly!

not working with wordpress.
i am logged in my forums but it is not showing
Welcome Username.... showing login forum

please help

Thanks for this updated mod.

Is it possible to have the text input fields the same as on the forum login, with "user name" and "password" disappearing when you click in the text input?

how to integrate with wordpress ??

OK, found solution here, its working

Thanks for this mod! I love it. I can make pages on my main site that requires users to be logged in, and even better: the coding is really easy to understand, no 3490859345 lines of coding that confuses the hell outa me.

Works perfectly on my site ^^

I got the same thing first too, but you need to put the full path to your forum, not just /forums/.

So /home/username/public_html/forums/ for an example. It will work

Tagged for use latter.

thanks very much, but is it possible to add the facebook connect button too?